To send email you need a Mail User Agent (MUA). The MUA is used for composing the message and creating the mail, etc. However if your MUA is a 'dumb' terminal, that is, dumb in terms of email handling such as most PCs, Macs, etc., the terminal needs to be connected to a smart host. A smart host is a Message Transfer Agent (MTA) which knows all about mail handling, queuing, sending, etc. it is possible to compose an email directly on a MTA and this is covered below.
Oxford's Message Transfer Agent is smtp.ox.ac.uk, also known as the SMTP server or outgoing server when configuring email clients. It is actually part of Herald. SMTP stands for Simple Mail Transfer Protocol. A MTA can spool, queue, retry, resolve aliases, rewrite headers and other functions.
From the smtp server, mail is sent to the Oxmails. These are 4 Suns running EXIM software which is the MTA software that does the message handling. The Oxmails do address rewriting and are using in rotation to even the load and provide a continuous service. It is highly unlikely that all 4 will fail at the same time so the service is very robust.
When configuring MUA clients, the outgoing host should be set to smtp.ox.ac.uk. If it is set to Sable, Ermine, etc. then it slows down both your email and the machine for everyone else. The incoming host is the machine that hold your mailboxes, e.g. Ermine, Sable, Herald.
If the address an email is to be sent to is an oxford account handled by OUCS, the Oxmails look up the address and send the message to the appropriate machine. Otherwise, they use the Domain Name Server (DNS) to find the MX record for that address. MX records are specifically for email. If there is no MX record for an address, the Oxmails will use the A record. The A record gives the IP (Internet Protocol) address of the host. The IP address is used for all Internet services, not just email. Once an MX or an A record has been found, the mail is sent.
An MTA could be a Unix box, an Exchange Server (NT), a Mercury Server, etc. By default, these servers run SendMail or an equivalent program. SendMail itself is highly complex, EXIM is the 'easy ' version. These servers and the SendMail, or equivalent, software are capable of similar tasks as the Oxmails. That is, mail handling, queuing, etc. Even though you may be using one of these servers, it is possible to turn SendMail off, to set it to send all mail to the Oxmails, to be on but 'closed' and protected or to be open. Problems which can occur with open servers are discussed later. In future, it may be a requirement to send all mail via the Oxmails.
Some units handle their own mail totally. This means that when a remote mail server looks up their MX record, it points to the their machine, the message is delivered directly to their machine and doesn't go near the OXMAILs.
Some units handle their own mail partially. In other words, the mail is sent to the Oxmails and the unit takes advantage of the Oxmails anti spam features. Then the mail is delivered to their machine for distributing to individuals. If there are any problems with the unit's computer, the Oxmails will queue the messages.
A Third possibility is for a unit not to handle its own mail at all. In this case, the Oxmails receive the mail and apply anti-spam filters. They check the mailer records to find the recipient from the 100 000 aliases in the database and Oxmails send the mail to the recipients mailbox.
As Ermine and Sable run MTAs, they could handle email themselves. If you use an address of the form username@ermine.ox.ac.uk from Ermine or username@sable.ox.ac.uk from Sable, this is delivered locally and does not go through the Oxmails. However, if you use the first.last@unit.ox.ac.uk address, the message will be sent to the Oxmails which will send it on to the recipient even if both are on Ermine.
Herald is also an MTA. However, Herald knows all its users so all mail is local delivery, whatever form of the address is used, except for recipients outside Herald when the mail is sent via the Oxmails.
Third party spam relaying, otherwise known as 'relay rape' is something an MTA needs to be protected against. It happens when an external machine deliberately sends mail for another destination through an Oxford MTA. The Oxford MTA does not check where it comes from although it knows it is not the destination so it sends the mail on. It might send it on directly to its destination or through OXMAILs. Whichever, the mail is stamped as having come through Oxford.
The Consequences of relay rape are that the perpetrator is using resources without authorisation and there is a greatly increased workload of that machine, which will affect all genuine, authorised users. Wider implications are that Oxford gets accused of spamming other computers. The machine that was used is banned from sending mail to the recipient and OXMAILs are also banned if mail sent on through them.
OXMAILs cannot check for replay rape. The messages that go through the Oxmails are passed to them by a valid Oxford machine; there is no way Oxmails can check where the message came from before that. Consequently, relay rape is a serious problem.
To prevent relay rape, configure MTA software to be closed, that is smtp relay is closed. This means that the MTA will not accept mail if it is not on the delivery path. Alternatively, switch off the MTA software and use OUCS instead.
Known weak spots are versions of SendMail before v8.9. From 8.9, SendMail was closed by default. Mercury servers are always open by default while Exchange v5 and v5.3 are closed by default. If in doubt, check the status of your MTA software.
The Oxmails are protected by allowing only certain restricted routes. Only mail from the World to Oxford, from Oxford to the World and from Oxford to Oxford is allowed.
An extra anti-spam measure, reverse DNS checking was introduced on 13th July, 1999. However, it has since been withdrawn due to the number of big businesses, and small, which do not have correctly configured and registered equipment. There is a possibility that it may be re-introduced in the future.
The idea was that the Oxmails would check the DNS entry for messages received, as well as to find where outgoing messages should be routed. This would mean that the sending hosts must be registered. Many spammers use machines that have random IP addresses that are not registered, therefore, this reverse lookup would trap spam email. In paractice, it trapped a lot more than spammers machines.
To make sure your machine is registered, see the password protected web page for IT Support Staff at http://users.ox.ac.uk/cgi-bin/safeperl/networks/ipnos. Alternatively, anyone can email hostmaster.ox.ac.uk to ask for their machine to be registered.
The majority of members of the University have two forms of their email address – the long form and the short form. For example, jane.littlehales@oucs.ox.ac.uk and jane.littlehales@computing-services.oxford.ac.uk. The long form originated when Coloured Book software was being used and it was never removed when we upgraded to an IP service. One obvious inconsistency is that the Oxmails re-write headers in the long form while the Contact Details Web pages give the short form.
It is possible for Heads of Department to ask for the re-writing to be short form. However, this would require every person to re-subscribe to every mailing list they are on. In practice, most people live with the inconvenience.
Rather more important that the two different forms are hybrid forms, for example first.second@longunit.ox.ac.uk and first.second@shortunit.oxford.ac.uk. When an external machine looks these up in its DNS records it will fail to find either an MX record or an A record so the mail will be returned to the sender with an error message. If messages with this address ever reach OXMAILs, e.g. they were sent from within Oxford, then they will be delivered. However, hybrid forms are not recommended.
Email addresses of the form first.second@oxford.ac.uk and first.second@ox.ac.uk may work even though the uni name is missing. This is a 'feature' and will only work if the first.second combination is unique in the University since records began. This feature is supported but not encouraged. It is not encouraged since it will stop working, with no notice to anyone, as soon an first.second becomes non-unique.
These addresses will work as long as they are correct and are particularly useful for OUCS staff if you are using Pine! Problems arise when you or the recipient migrate to a new machine, e.g. from Black to Sable, from Ermine to Herald as the address will then cease working. There is also the difficulty in remembering a person's username as most are unrelated to actual names, e.g. univ1234. It is much better to advertise the generic unit form.
Some error handling is built into the Oxmails. For example, when mail arrives with an identifiable unit but the user ID is not recognised, e.g. kane.littlehales@oucs.ox.ac.uk. If OUCS handles the email completely for that unit, the Oxmailss will send an email to sender with possible fuzzy matches for the user.
Example: Only some of the possibilities have been listed here. The actual result returned
would be longer.
Below is a list of email addresses for people with similar names. The number of the left
indicates the degree of similarity. A higher number indicates a better match
Looking for 'kane.littlehales'
87 jane.littlehales@oucs.ox.ac.uk
66 kate.lilley@bodley.ox.ac.uk
64 kate.lees@st-hildas.ox.ac.uk
62 kate.talks@cellsci.ox.ac.uk
62 kate.treleaven@exeter.ox.ac.uk
If you do not want your email address to be published, for example, in the Contact Information Web page, contact OUCS Registration Service. Being ex-directory also means that your mail headers not re-written when mail is sent out.
'Broken' clients and servers are often due to the software manufacturer so it is difficult to make any recommendations. Typical problems include malformed headers, quotes in wrong place and giving an address book alias instead of email address (although this is possibly a user problem). Other problems with email arise when the DNS entries are wrong or the host specified does not accept mail, etc.
Running your own mail server is
Overview of email in Oxford
http://www.oucs.ox.ac.uk/email/
Free On Line Dictionary of Computing
http://foldoc.doc.ic.ac.uk/foldoc/index.html
Any problems, questions, email Elena Blanco elena.blanco@oucs.ox.ac.uk